$50 Million CTF from Hackerone - Writeup
☆601Apr 2, 2019Updated 6 years ago
Alternatives and similar repositories for 50M_CTF_Writeup
Users that are interested in 50M_CTF_Writeup are comparing it to the libraries listed below
Sorting:
- An archive of low-level CTF challenges developed over the years☆653Nov 28, 2021Updated 4 years ago
- A tool to find sensitive keys and passwords in Travis logs☆139Jun 27, 2021Updated 4 years ago
- CollabOzark is a simple tool which helps the researchers track SSRF, RCE, Blind XSS, XXE, External Resource Access payloads triggers.☆135Sep 25, 2019Updated 6 years ago
- Writeup for HackerOne H1-415 2020 CTF☆32Feb 3, 2020Updated 6 years ago
- SSRF (Server Side Request Forgery) testing resources☆2,482Oct 12, 2024Updated last year
- Fuzzing Payloads to Assist in Web Application Testing.☆166Jun 6, 2019Updated 6 years ago
- Viewgen is a ViewState tool capable of generating both signed and encrypted payloads with leaked validation keys☆657Feb 1, 2025Updated last year
- CTF (Capture The Flag) writeups, code snippets, scripts☆16Oct 18, 2018Updated 7 years ago
- stuff i'm willing to share with the world lol☆171Oct 17, 2022Updated 3 years ago
- A simple SSRF-testing sheriff written in Go☆336Oct 31, 2024Updated last year
- A cross-platform note-taking & target-tracking app for penetration testers.☆917Jan 17, 2023Updated 3 years ago
- A Tool for Domain Flyovers☆5,904May 22, 2022Updated 3 years ago
- CVE-2019-5418 - File Content Disclosure on Ruby on Rails☆201Apr 5, 2021Updated 4 years ago
- Notes about attacking Jenkins servers☆2,091Jul 10, 2024Updated last year
- qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.☆303Feb 12, 2023Updated 3 years ago
- This script is intended to automate your reconnaissance process in an organized fashion☆2,015Aug 19, 2021Updated 4 years ago
- Awesome XSS stuff☆5,066Oct 30, 2024Updated last year
- Research on GraphQL from an AppSec point of view.☆418May 24, 2023Updated 2 years ago
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…☆1,779Apr 26, 2024Updated last year
- A collection of custom security tools for quick needs.☆3,284May 1, 2023Updated 2 years ago
- Multi Tool Subdomain Enumeration☆723Apr 11, 2021Updated 4 years ago
- A collection of hacks and one-off scripts☆2,423Mar 13, 2025Updated 11 months ago
- Detect exposed API keys on GitHub commits.☆35Jul 27, 2022Updated 3 years ago
- Security tool to find potential vulnerable Server Side Request Forgery (SSRF) parameters.☆355Feb 13, 2026Updated 3 weeks ago
- Everything about Web Application Firewalls (WAFs) from Security Standpoint! 🔥☆7,375Aug 28, 2025Updated 6 months ago
- CVE-2019-12949☆26Jun 28, 2019Updated 6 years ago
- List of Awesome Asset Discovery Resources☆2,377Jan 22, 2025Updated last year
- A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.☆5,451Jan 15, 2024Updated 2 years ago
- A curated list of amazingly awesome Burp Extensions☆3,372Feb 17, 2026Updated 2 weeks ago
- A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, al…☆2,184Dec 11, 2022Updated 3 years ago
- HTTP parameter discovery suite.☆6,109Feb 20, 2025Updated last year
- Wiki to collect Red Team infrastructure hardening resources☆4,450Oct 1, 2025Updated 5 months ago
- This is a collection of writeups, cheatsheets, videos, books related to SSRF in one single location☆1,361Jan 24, 2021Updated 5 years ago
- Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.☆6,082Aug 14, 2024Updated last year
- There is no pre-auth RCE in Jenkins since May 2017, but this is the one!☆607May 17, 2019Updated 6 years ago
- This repository will serve as the "master" repo containing all trainings and tutorials done in preperation for OSWE in conjunction with t…☆930Jan 6, 2025Updated last year
- Automatic SSRF fuzzer and exploitation tool☆3,489Sep 4, 2025Updated 6 months ago
- A Pwn2Own exploit chain☆756Nov 8, 2018Updated 7 years ago
- Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed b…☆1,027Feb 5, 2021Updated 5 years ago